A sensor network is composed of a large number of small, cheap, battery-powered sensor nodes capable of radio communication and monitoring. These nodes are deployed densely in a monitored region for the purpose of monitoring the real world. Wireless sensor networks are a new research area in information technology with prospects for wide application in environment monitoring, military affairs, national defense, traffic control, community security, protection against forest fire, target positioning, etc.
Since a sensor network is typically deployed in an unmanned or even enemy region, communication between nodes is subject to eavesdropping, tampering or replay, and the nodes themselves are subject to attacks such as interception, duplication, or falsification, so the security of the network is greatly endangered. It is therefore desirable to introduce key management, node authentication and other underlying security mechanisms in order to detect and prevent the above security threats, secure communication between the nodes, and effectively verify the legality of the identity of a node in the network. A key management mechanism is a foundation of sensor network security. Existing methods fall into three categories: a key shared throughout the network, a key shared between every two nodes, and random key pre-distribution. A node in the sensor network is subject to an interception attack and is strictly limited in its storage resources, but the first two key management methods either fail to deal with an interception attack on a node or require a considerable storage overhead, so neither of them is fully applicable to the sensor network. The key management method in which a random key is pre-distributed has good extensibility, high key connectivity, high resistance against destruction, etc., and is a currently practicable method. In this method, however, the same key may be distributed multiple times to different nodes, and when the nodes perform identity authentication with the key, each node can only verify another node for legality but cannot confirm the identity of the other node; that is, end-to-end identity authentication is impossible. An authentication mechanism is likewise a foundation of sensor network security.
Currently proposed mechanisms for authenticating a node in a sensor network are generally light-weight authentication approaches based upon a pre-shared key, which is typically provided by the key management method adopted in the network. When the existing random key pre-distribution approach is used in a network, a key generated in this way cannot be used to provide a node in the network with an end-to-end authentication service. Because a node can then only verify another node for legality but cannot confirm the specific identity of the other node, the sensor network cannot deal with interception, duplication, falsification and other attacks on a node, thus exposing the network to a great security risk.
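The limitation described in the two paragraphs above (the same pool key held by several nodes, so a valid response proves legality but not identity) can be reproduced with a toy model. This is an added example, not part of the original text; the pool and ring sizes, the node names and the HMAC-SHA256 challenge-response used as the light-weight pre-shared-key authentication are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import random

POOL_SIZE, RING_SIZE, NODES = 20, 10, 8   # constructed toy parameters

def build_pool():
    # Key pool generated offline before deployment (derived from labels for repeatability).
    return {kid: hashlib.sha256(b"pool-key-%d" % kid).digest() for kid in range(POOL_SIZE)}

def assign_rings(pool, seed=7):
    # Each node is preloaded with RING_SIZE keys drawn at random from the pool.
    rng = random.Random(seed)
    return {f"node{n}": {k: pool[k] for k in rng.sample(range(POOL_SIZE), RING_SIZE)}
            for n in range(NODES)}

def holders(rings, key_id):
    # Every node whose key ring contains this pool key.
    return sorted(name for name, ring in rings.items() if key_id in ring)

def respond(ring, key_id, claimed_id, nonce):
    # Prover's answer to a challenge: MAC over the claimed identity and the nonce.
    return hmac.new(ring[key_id], claimed_id.encode() + nonce, hashlib.sha256).digest()

def verify(ring, key_id, claimed_id, nonce, tag):
    # Verifier recomputes the MAC with its own copy of the shared key.
    return hmac.compare_digest(respond(ring, key_id, claimed_id, nonce), tag)

def demo():
    rings = assign_rings(build_pool())
    # 8 rings x 10 keys over a 20-key pool: some key must sit in at least 3 rings.
    key_id = max(range(POOL_SIZE), key=lambda k: len(holders(rings, k)))
    verifier, claimed, other = holders(rings, key_id)[:3]
    nonce = b"constructed-nonce-0001"
    genuine = respond(rings[claimed], key_id, claimed, nonce)
    from_other = respond(rings[other], key_id, claimed, nonce)  # different node, same key
    return {
        "holders": holders(rings, key_id),
        "genuine_ok": verify(rings[verifier], key_id, claimed, nonce, genuine),
        "other_ok": verify(rings[verifier], key_id, claimed, nonce, from_other),
        "tags_equal": genuine == from_other,
    }

if __name__ == "__main__":
    print(demo())
```

Both responses verify and are byte-identical, so the verifier learns only that the responder holds a pool key, which is the missing end-to-end identity binding the text describes.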